LKML Archive on lore.kernel.org
* [PATCH 0/2] KVM retpoline fixes
@ 2018-01-25  9:58 Peter Zijlstra
  2018-01-25  9:58 ` [PATCH 1/2] x86,kvm: Fix indirect calls in emulator Peter Zijlstra
  2018-01-25  9:58 ` [PATCH 2/2] x86,vmx: Fix indirect call Peter Zijlstra
  0 siblings, 2 replies; 6+ messages in thread
From: Peter Zijlstra @ 2018-01-25  9:58 UTC (permalink / raw)
  To: David Woodhouse, Thomas Gleixner, Josh Poimboeuf
  Cc: linux-kernel, Dave Hansen, Ashok Raj, Tim Chen, Andy Lutomirski,
	Linus Torvalds, Greg KH, Andrea Arcangeli, Andi Kleen,
	Arjan Van De Ven, Dan Williams, Paolo Bonzini, Jun Nakajima,
	Asit Mallick, Jason Baron, rga, Peter Zijlstra

Here are the two KVM retpoline fixes that should get into tip/x86/pti asap.


* [PATCH 1/2] x86,kvm: Fix indirect calls in emulator
  2018-01-25  9:58 [PATCH 0/2] KVM retpoline fixes Peter Zijlstra
@ 2018-01-25  9:58 ` Peter Zijlstra
  2018-01-25 10:34   ` [tip:x86/pti] KVM: x86: Make indirect calls in emulator speculation safe tip-bot for Peter Zijlstra
  2018-01-25  9:58 ` [PATCH 2/2] x86,vmx: Fix indirect call Peter Zijlstra
  1 sibling, 1 reply; 6+ messages in thread
From: Peter Zijlstra @ 2018-01-25  9:58 UTC (permalink / raw)
  To: David Woodhouse, Thomas Gleixner, Josh Poimboeuf
  Cc: linux-kernel, Dave Hansen, Ashok Raj, Tim Chen, Andy Lutomirski,
	Linus Torvalds, Greg KH, Andrea Arcangeli, Andi Kleen,
	Arjan Van De Ven, Dan Williams, Paolo Bonzini, Jun Nakajima,
	Asit Mallick, Jason Baron, rga, Peter Zijlstra, David Woodhouse

[-- Attachment #0: peterz-kvm-retpoline.patch --]
[-- Type: text/plain, Size: 1478 bytes --]

Replace the indirect calls with CALL_NOSPEC.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
---
 arch/x86/kvm/emulate.c |    9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -25,6 +25,7 @@
 #include <asm/kvm_emulate.h>
 #include <linux/stringify.h>
 #include <asm/debugreg.h>
+#include <asm/nospec-branch.h>
 
 #include "x86.h"
 #include "tss.h"
@@ -1021,8 +1022,8 @@ static __always_inline u8 test_cc(unsign
 	void (*fop)(void) = (void *)em_setcc + 4 * (condition & 0xf);
 
 	flags = (flags & EFLAGS_MASK) | X86_EFLAGS_IF;
-	asm("push %[flags]; popf; call *%[fastop]"
-	    : "=a"(rc) : [fastop]"r"(fop), [flags]"r"(flags));
+	asm("push %[flags]; popf; " CALL_NOSPEC
+	    : "=a"(rc) : [thunk_target]"r"(fop), [flags]"r"(flags));
 	return rc;
 }
 
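Review bot: in test_cc() the operand is renamed by hand to '[thunk_target]"r"(fop)', while patch 2/2 of this series passes its target through 'THUNK_TARGET(entry)'. Consider 'THUNK_TARGET(fop)' here as well, if the constraint it expands to suits this site, so that both call sites name the operand CALL_NOSPEC expects in the same way.
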
@@ -5335,9 +5336,9 @@ static int fastop(struct x86_emulate_ctx
 	if (!(ctxt->d & ByteOp))
 		fop += __ffs(ctxt->dst.bytes) * FASTOP_SIZE;
 
-	asm("push %[flags]; popf; call *%[fastop]; pushf; pop %[flags]\n"
+	asm("push %[flags]; popf; " CALL_NOSPEC " ; pushf; pop %[flags]\n"
 	    : "+a"(ctxt->dst.val), "+d"(ctxt->src.val), [flags]"+D"(flags),
-	      [fastop]"+S"(fop), ASM_CALL_CONSTRAINT
+	      [thunk_target]"+S"(fop), ASM_CALL_CONSTRAINT
 	    : "c"(ctxt->src2.val));
 
 	ctxt->eflags = (ctxt->eflags & ~EFLAGS_MASK) | (flags & EFLAGS_MASK);
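
Review bot: the '[thunk_target]"+S"(fop)' operand in fastop() keeps its read-write "+S" constraint, so the operand name is the only thing tying it to CALL_NOSPEC, and nothing at the call site says the name is required by the macro. A one-line comment above the asm statement noting that CALL_NOSPEC refers to the operand as thunk_target would keep a later cleanup from renaming it back to fastop.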


* [PATCH 2/2] x86,vmx: Fix indirect call
  2018-01-25  9:58 [PATCH 0/2] KVM retpoline fixes Peter Zijlstra
  2018-01-25  9:58 ` [PATCH 1/2] x86,kvm: Fix indirect calls in emulator Peter Zijlstra
@ 2018-01-25  9:58 ` Peter Zijlstra
  2018-01-25 10:34   ` [tip:x86/pti] KVM: VMX: Make indirect call specualation safe tip-bot for Peter Zijlstra
  2018-01-25 13:19   ` [tip:x86/pti] KVM: VMX: Make indirect call speculation safe tip-bot for Peter Zijlstra
  1 sibling, 2 replies; 6+ messages in thread
From: Peter Zijlstra @ 2018-01-25  9:58 UTC (permalink / raw)
  To: David Woodhouse, Thomas Gleixner, Josh Poimboeuf
  Cc: linux-kernel, Dave Hansen, Ashok Raj, Tim Chen, Andy Lutomirski,
	Linus Torvalds, Greg KH, Andrea Arcangeli, Andi Kleen,
	Arjan Van De Ven, Dan Williams, Paolo Bonzini, Jun Nakajima,
	Asit Mallick, Jason Baron, rga, Peter Zijlstra, David Woodhouse

[-- Attachment #0: peterz-kvm-vmx-retpoline.patch --]
[-- Type: text/plain, Size: 685 bytes --]

Replace indirect call with CALL_NOSPEC.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
---
 arch/x86/kvm/vmx.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -9129,14 +9129,14 @@ static void vmx_handle_external_intr(str
 #endif
 			"pushf\n\t"
 			__ASM_SIZE(push) " $%c[cs]\n\t"
-			"call *%[entry]\n\t"
+			CALL_NOSPEC
 			:
 #ifdef CONFIG_X86_64
 			[sp]"=&r"(tmp),
 #endif
 			ASM_CALL_CONSTRAINT
 			:
-			[entry]"r"(entry),
+			THUNK_TARGET(entry),
 			[ss]"i"(__KERNEL_DS),
 			[cs]"i"(__KERNEL_CS)
 			);
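
Review bot: the removed '"call *%[entry]\n\t"' carried its own statement separator, while the bare 'CALL_NOSPEC' that replaces it has none visible, which is fine only because it is the last statement in this template. A short comment saying that anything appended after it needs an explicit separator, as the fastop() change in patch 1/2 does with '" ; pushf; ..."', would make that dependency visible.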


* [tip:x86/pti] KVM: x86: Make indirect calls in emulator speculation safe
  2018-01-25  9:58 ` [PATCH 1/2] x86,kvm: Fix indirect calls in emulator Peter Zijlstra
@ 2018-01-25 10:34   ` tip-bot for Peter Zijlstra
  0 siblings, 0 replies; 6+ messages in thread
From: tip-bot for Peter Zijlstra @ 2018-01-25 10:34 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: tglx, jpoimboe, dan.j.williams, ashok.raj, aarcange,
	jun.nakajima, luto, torvalds, arjan.van.de.ven, hpa, tim.c.chen,
	dwmw, gregkh, asit.k.mallick, jbaron, pbonzini, ak, mingo, dwmw2,
	dave.hansen, linux-kernel, peterz

Commit-ID:  1a29b5b7f347a1a9230c1e0af5b37e3e571588ab
Gitweb:     https://git.kernel.org/tip/1a29b5b7f347a1a9230c1e0af5b37e3e571588ab
Author:     Peter Zijlstra <peterz@infradead.org>
AuthorDate: Thu, 25 Jan 2018 10:58:13 +0100
Committer:  Thomas Gleixner <tglx@linutronix.de>
CommitDate: Thu, 25 Jan 2018 11:30:07 +0100

KVM: x86: Make indirect calls in emulator speculation safe

Replace the indirect calls with CALL_NOSPEC.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Ashok Raj <ashok.raj@intel.com>
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: Jun Nakajima <jun.nakajima@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: rga@amazon.de
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Asit Mallick <asit.k.mallick@intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Jason Baron <jbaron@akamai.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Arjan Van De Ven <arjan.van.de.ven@intel.com>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Link: https://lkml.kernel.org/r/20180125095843.595615683@infradead.org

---
 arch/x86/kvm/emulate.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
index d90cdc7..453d8c9 100644
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -25,6 +25,7 @@
 #include <asm/kvm_emulate.h>
 #include <linux/stringify.h>
 #include <asm/debugreg.h>
+#include <asm/nospec-branch.h>
 
 #include "x86.h"
 #include "tss.h"
@@ -1021,8 +1022,8 @@ static __always_inline u8 test_cc(unsigned int condition, unsigned long flags)
 	void (*fop)(void) = (void *)em_setcc + 4 * (condition & 0xf);
 
 	flags = (flags & EFLAGS_MASK) | X86_EFLAGS_IF;
-	asm("push %[flags]; popf; call *%[fastop]"
-	    : "=a"(rc) : [fastop]"r"(fop), [flags]"r"(flags));
+	asm("push %[flags]; popf; " CALL_NOSPEC
+	    : "=a"(rc) : [thunk_target]"r"(fop), [flags]"r"(flags));
 	return rc;
 }
 
@@ -5305,9 +5306,9 @@ static int fastop(struct x86_emulate_ctxt *ctxt, void (*fop)(struct fastop *))
 	if (!(ctxt->d & ByteOp))
 		fop += __ffs(ctxt->dst.bytes) * FASTOP_SIZE;
 
-	asm("push %[flags]; popf; call *%[fastop]; pushf; pop %[flags]\n"
+	asm("push %[flags]; popf; " CALL_NOSPEC " ; pushf; pop %[flags]\n"
 	    : "+a"(ctxt->dst.val), "+d"(ctxt->src.val), [flags]"+D"(flags),
-	      [fastop]"+S"(fop), ASM_CALL_CONSTRAINT
+	      [thunk_target]"+S"(fop), ASM_CALL_CONSTRAINT
 	    : "c"(ctxt->src2.val));
 
 	ctxt->eflags = (ctxt->eflags & ~EFLAGS_MASK) | (flags & EFLAGS_MASK);
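
Review bot: the 'call *%[fastop]' removed in this hunk, like the one in test_cc() above it, is an indirect call written inside inline asm, but the changelog is the single line "Replace the indirect calls with CALL_NOSPEC" and does not say why these sites are converted by hand. One more sentence stating that these are inline-asm indirect calls would tell a backporter what to look for in other trees.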


* [tip:x86/pti] KVM: VMX: Make indirect call specualation safe
  2018-01-25  9:58 ` [PATCH 2/2] x86,vmx: Fix indirect call Peter Zijlstra
@ 2018-01-25 10:34   ` tip-bot for Peter Zijlstra
  2018-01-25 13:19   ` [tip:x86/pti] KVM: VMX: Make indirect call speculation safe tip-bot for Peter Zijlstra
  1 sibling, 0 replies; 6+ messages in thread
From: tip-bot for Peter Zijlstra @ 2018-01-25 10:34 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: mingo, gregkh, torvalds, linux-kernel, jbaron, peterz, ashok.raj,
	arjan.van.de.ven, dwmw, dan.j.williams, hpa, jpoimboe,
	asit.k.mallick, dwmw2, luto, pbonzini, tglx, tim.c.chen,
	dave.hansen, ak, aarcange, jun.nakajima

Commit-ID:  34cc5034b57b81f789ad4714533ca921a9b1c9d7
Gitweb:     https://git.kernel.org/tip/34cc5034b57b81f789ad4714533ca921a9b1c9d7
Author:     Peter Zijlstra <peterz@infradead.org>
AuthorDate: Thu, 25 Jan 2018 10:58:14 +0100
Committer:  Thomas Gleixner <tglx@linutronix.de>
CommitDate: Thu, 25 Jan 2018 11:30:07 +0100

KVM: VMX: Make indirect call specualation safe

Replace indirect call with CALL_NOSPEC.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Ashok Raj <ashok.raj@intel.com>
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: Jun Nakajima <jun.nakajima@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: rga@amazon.de
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Asit Mallick <asit.k.mallick@intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Jason Baron <jbaron@akamai.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Arjan Van De Ven <arjan.van.de.ven@intel.com>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Link: https://lkml.kernel.org/r/20180125095843.645776917@infradead.org

---
 arch/x86/kvm/vmx.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index d1e25db..924589c 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -9064,14 +9064,14 @@ static void vmx_handle_external_intr(struct kvm_vcpu *vcpu)
 #endif
 			"pushf\n\t"
 			__ASM_SIZE(push) " $%c[cs]\n\t"
-			"call *%[entry]\n\t"
+			CALL_NOSPEC
 			:
 #ifdef CONFIG_X86_64
 			[sp]"=&r"(tmp),
 #endif
 			ASM_CALL_CONSTRAINT
 			:
-			[entry]"r"(entry),
+			THUNK_TARGET(entry),
 			[ss]"i"(__KERNEL_DS),
 			[cs]"i"(__KERNEL_CS)
 			);


* [tip:x86/pti] KVM: VMX: Make indirect call speculation safe
  2018-01-25  9:58 ` [PATCH 2/2] x86,vmx: Fix indirect call Peter Zijlstra
  2018-01-25 10:34   ` [tip:x86/pti] KVM: VMX: Make indirect call specualation safe tip-bot for Peter Zijlstra
@ 2018-01-25 13:19   ` tip-bot for Peter Zijlstra
  1 sibling, 0 replies; 6+ messages in thread
From: tip-bot for Peter Zijlstra @ 2018-01-25 13:19 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: jbaron, dave.hansen, gregkh, pbonzini, arjan.van.de.ven,
	dan.j.williams, dwmw2, linux-kernel, jpoimboe, jun.nakajima,
	tglx, mingo, hpa, asit.k.mallick, aarcange, tim.c.chen,
	ashok.raj, dwmw, torvalds, luto, peterz, ak

Commit-ID:  c940a3fb1e2e9b7d03228ab28f375fb5a47ff699
Gitweb:     https://git.kernel.org/tip/c940a3fb1e2e9b7d03228ab28f375fb5a47ff699
Author:     Peter Zijlstra <peterz@infradead.org>
AuthorDate: Thu, 25 Jan 2018 10:58:14 +0100
Committer:  Thomas Gleixner <tglx@linutronix.de>
CommitDate: Thu, 25 Jan 2018 14:14:42 +0100

KVM: VMX: Make indirect call speculation safe

Replace indirect call with CALL_NOSPEC.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Ashok Raj <ashok.raj@intel.com>
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: Jun Nakajima <jun.nakajima@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: rga@amazon.de
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Asit Mallick <asit.k.mallick@intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Jason Baron <jbaron@akamai.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Arjan Van De Ven <arjan.van.de.ven@intel.com>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Link: https://lkml.kernel.org/r/20180125095843.645776917@infradead.org
---
 arch/x86/kvm/vmx.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index d1e25db..924589c 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -9064,14 +9064,14 @@ static void vmx_handle_external_intr(struct kvm_vcpu *vcpu)
 #endif
 			"pushf\n\t"
 			__ASM_SIZE(push) " $%c[cs]\n\t"
-			"call *%[entry]\n\t"
+			CALL_NOSPEC
 			:
 #ifdef CONFIG_X86_64
 			[sp]"=&r"(tmp),
 #endif
 			ASM_CALL_CONSTRAINT
 			:
-			[entry]"r"(entry),
+			THUNK_TARGET(entry),
 			[ss]"i"(__KERNEL_DS),
 			[cs]"i"(__KERNEL_CS)
 			);
